Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Find Best Solution
  FAQ FAQ  Forum Search   Register Register  Login Login

Find Best Solution
 Post Reply Post Reply
Author
  Topic Search Topic Search  Topic Options Topic Options
kjd View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote kjd Quote  Post ReplyReply Direct Link To This Post Topic: Find Best Solution
    Posted: 07 May 2004 at 10:40am

Please Help!

Currently My Mail System  look like this

McAfee WebShield 4.5.1 Gateway listen on port 25 forward to Mail Server (FTGate 2.x )on port 5088  both are installed on same machine, client machine configure to send/receive on LAN IP address port 25

I try to install SpamFilter ISP to work with current mail system and my user can send mail to internet without change their mail configuration.

I have tried  

WebShield port 25  forward to port 5087 (SpamFilter)

SpamFilter  listen on port 5087 forward to port 5088 (FTGate mail Server)

But still cannot send mail to Internet.  

I need help!,  thanks very much

kjd

 

 
Back to Top
bpogue99 View Drop Down
Groupie
Groupie


Joined: 26 January 2005
Status: Offline
Points: 59 		Post Options Post Options   Thanks (0) Thanks(0)   Quote bpogue99 Quote  Post ReplyReply Direct Link To This Post Posted: 07 May 2004 at 11:58am

Hi,

I'm not sure I have an exact answer for your problem, but if Webshield is set to forward email it receives to Spam Filter, and Spam Filter is set to forward email it receives to your Email Server, then it is your Email Server that must be configured to send out the email. I am not familar with Webshields enough to know exactly how it's operating in your environment.

However, by having Spam Filter not answer for port 25 you lose the ability to block emails by IP since in your configuration the email is always coming from the same machine. A different approach might be to have Spam Filter on port 25, Webshield on a different port, and let Spam Filter handle incoming mail. In this scenario you get the benefit of using blacklist blocking on the emails.

Another approach, and I say it this way because I don't know how Webshield works, but you could leave your existing configuration as-is since it worksm, but add a second IP to your NIC on your server. Assign Spam Filter to answer port 25 on that IP only. Set your firewall to point incoming email to that same IP. This let's Spam Filter answer for port 25 and you get the ability to use the blacklist via incoming IP. Have Spam Filter forward email to the original IP port 25. Your users still use the original IP to send/receive email, incoming email from the Internet gets filtered, so both things may be addressed.

bill
Back to Top
kjd View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote kjd Quote  Post ReplyReply Direct Link To This Post Posted: 07 May 2004 at 1:28pm

Thanks Bill,

McAfee WebShield SMTP is an Anti-Virus Internet Mail Gateway, It's run on NT4 sp6a

yes, I have tried to set  spamfilter listen on port 25 and forward to webshield on port 5087 then forward to FTGate mailserver on port 5088

but LAN's user cannot send mail to internet, it's rejected -- no relay allowed

 it's error somethings like this...

The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'kitti10160@yahoo.com'. Subject 'test 7may04', Account: '128.4.200.1', Server: '128.4.200.1', Protocol: SMTP, Server Response: '557 You are not allowed to send mail to kitti10160@yahoo.com', Port: 25, Secure(SSL): No, Server Error: 557, Error Number: 0x800CCC79

 
Back to Top
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Posted: 07 May 2004 at 5:02pm

If all 3 servers are on the same machine, the "best" setup should follow the following: (ports can be your choic.  This is my example of a known working system.)

First Server: SpamFilter  LISTEN Port = 25  SEND Port = 26

Second Server: WebShield 4.5  LISTEN Port = 26   SEND Port = 5525

Third Server: (Standard Mail Server) LISTEN Port = 5525

The problem here is that WebShield is the server that your clients should mail through and the port is not standard.  So ....

The fact is that WebShield will ONLY LISTEN on the Windows NT PRIMARY IP so here is what can be done.  Set up a second IP and set your MX record to point to that.  Set SpamFilters LISTEN IP to be the Secondary IP and the Port to be 25. Set the destination server to the PRIMARY IP and the port to 25

Then you can set WebShield to LISTEN on 25 and send to what ever your mail server is set for.  Your clients should be set to send on the PRIMARY IP.

WebShield settings MUST be set as follows:

Under the "Delivery" Tab, And then the "Mail Send" tab, the "WebShield and the mail server are on the same server" must be checked.   Delivery Methode should be set to Deliver all email to the local mail server.

In the Anti Spam-Relay section, all your client IP must be included and you must (due to a bug) have at least one domain listed and it really doesn't matter what domain as long as it is one of your valid ones.

I hope this helps.  It is not as complicated as it sounds.  Just hard to explain.

Regards,

Dan S.
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4106 		Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 08 May 2004 at 5:44pm

Kitti,

Please note that by default SpamFilter is configured and designed to handle your incoming email only, it will not allow emails to be relayed to the internet. It does this by accepting only emails addressed to the domains listed in your "Local Domains". Any email that is given to SpamFilter for delivery that is not going to a domain in that list will be rejected. If this was not the case, spammer on the internet would be using SpamFilter as an open relay to send their spam email.

This means that if you have SpamFilter configured to listen on port 25, and your internal customers have SpamFilter's IP and port configured as their "outgoing SMTP server" in their email client settings, they will not be allowed to relay when sending email to the internet.

If you'd like to allow them to relay, you will need to add the IP addresses (or class C's - B's) of your internal customers to an IP whitelist in SpamFilter so that relay can occur.

If instead you still have Webshield configured to listen on port 25, and have it forward email to SpamFilter, you will need to add Webshield's IP address to SpamFilter's IP whitelist so that it can relay mail. Please note that if you do this you'll need to configure Webshield properly so that it does not become an open relay.

Roberto F.
LogSat Software
Back to Top
kjd View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote kjd Quote  Post ReplyReply Direct Link To This Post Posted: 09 May 2004 at 6:07am

Thanks to all,

My 3 servers configure perfect and worked as I expected.

Thanks again.

KJD

 
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.117 seconds.

Copyright (c)2002-2025 LogSat Software LLC - Sales: sales@LogSat.com
Contact Us